Secure Firewall Management Center@5.4.0 Security Vulnerabilities and Issues — Secure Firewall Management Center@5.4.0 CVE List

Lucene search

CiscoSecure Firewall Management Center5.4.0

15 matches found

CVE•added 2016/10/06 10:59 a.m.•61 views

CVE-2016-6433

The Threat Management Console in Cisco Firepower Management Center 5.2.0 through 6.0.1 allows remote authenticated users to execute arbitrary commands via crafted web-application parameters, aka Bug ID CSCva30872.

9CVSS8.6AI score0.72601EPSS

CVE•added 2018/07/16 5:29 p.m.•58 views

CVE-2018-0385

A vulnerability in the detection engine parsing of Security Socket Layer (SSL) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. The vulnerability is due...

7.5CVSS7.6AI score0.00579EPSS

CVE•added 2018/04/19 8:29 p.m.•53 views

CVE-2018-0233

A vulnerability in the Secure Sockets Layer (SSL) packet reassembly functionality of the detection engine in Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the detection engine to consume excessive system memory on an affected device, which could cause a de...

8.6CVSS8.3AI score0.00484EPSS

CVE•added 2016/10/27 9:59 p.m.•52 views

CVE-2016-6439

A vulnerability in the detection engine reassembly of HTTP packets for Cisco Firepower System Software before 6.0.1 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. The vulnerability is due to improper han...

7.5CVSS7.6AI score0.0022EPSS

CVE•added 2016/02/26 5:59 a.m.•46 views

CVE-2016-1342

The device login page in Cisco FirePOWER Management Center 5.3 through 6.0.0.1 allows remote attackers to obtain potentially sensitive software-version information by reading help files, aka Bug ID CSCuy36654.

5.3CVSS5.1AI score0.0023EPSS

CVE•added 2016/10/05 10:59 a.m.•46 views

CVE-2016-6419

SQL injection vulnerability in Cisco Firepower Management Center 4.10.3 through 5.4.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCur25485.

7.5CVSS7.7AI score0.00542EPSS

CVE•added 2017/07/04 12:29 a.m.•45 views

CVE-2017-6716

A vulnerability in the web framework code of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of an affected system. Affected Products: Cisco Firepower Management Center Software...

5.4CVSS5.1AI score0.00171EPSS

CVE•added 2016/06/18 1:59 a.m.•43 views

CVE-2016-1431

Cross-site scripting (XSS) vulnerability in Cisco Firepower Management Center 4.10.3, 5.2.0, 5.3.0, 5.3.1, and 5.4.0 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCur25516.

6.1CVSS6AI score0.0025EPSS

CVE•added 2017/07/04 12:29 a.m.•43 views

CVE-2017-6715

A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface. Affected Products: Cisco Firepower Management Center Releases 5.4.1.x and prior. More Informati...

5.4CVSS5.2AI score0.00171EPSS

CVE•added 2016/08/18 7:59 p.m.•41 views

CVE-2016-1458

The web-based GUI in Cisco Firepower Management Center 4.x and 5.x before 5.3.0.3, 5.3.1.x before 5.3.1.2, and 5.4.x before 5.4.0.1 and Cisco Adaptive Security Appliance (ASA) Software on 5500-X devices with FirePOWER Services 4.x and 5.x before 5.3.0.3, 5.3.1.x before 5.3.1.2, and 5.4.x before 5.4...

9CVSS8.3AI score0.00195EPSS

CVE•added 2017/02/03 7:59 a.m.•41 views

CVE-2017-3814

A vulnerability in Cisco Firepower System Software could allow an unauthenticated, remote attacker to maliciously bypass the appliance's ability to block certain web content, aka a URL Bypass. More Information: CSCvb93980. Known Affected Releases: 5.3.0 5.4.0 6.0.0 6.0.1 6.1.0.

5.8CVSS5.6AI score0.00317EPSS

CVE•added 2017/07/04 12:29 a.m.•41 views

CVE-2017-6717

A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface. More Information: CSCvc38801. Known Affected Releases: 6.0.1.3 6.2.1. Known Fixed Releases: 6.2...

5.4CVSS5.2AI score0.00171EPSS

CVE•added 2016/05/28 1:59 a.m.•39 views

CVE-2016-1413

The web interface in Cisco Firepower Management Center 5.4.0 through 6.0.0.1 allows remote authenticated users to modify pages by placing crafted code in a parameter value, aka Bug ID CSCuy76517.

6.5CVSS6.2AI score0.00181EPSS

CVE•added 2016/08/18 7:59 p.m.•38 views

CVE-2016-1457

The web-based GUI in Cisco Firepower Management Center 4.x and 5.x before 5.3.1.2 and 5.4.x before 5.4.0.1 and Cisco Adaptive Security Appliance (ASA) Software on 5500-X devices with FirePOWER Services 4.x and 5.x before 5.3.1.2 and 5.4.x before 5.4.0.1 allows remote authenticated users to execute ...

9CVSS8.8AI score0.0026EPSS

CVE•added 2016/08/23 2:11 a.m.•37 views

CVE-2016-6365

Cross-site scripting (XSS) vulnerability in Cisco Firepower Management Center 4.10.3, 5.2.0, 5.3.0, 5.3.0.2, 5.3.1, and 5.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCur25508 and CSCur25518.

6.1CVSS6AI score0.00229EPSS